3 matches found
PT-2026-51627
Name of the Vulnerable Software and Affected Versions Gogs versions prior to 0.14.3 Description Password-reset tokens are generated using the account-activation lifetime conf.Auth.ActivateCodeLives instead of the intended password-reset lifetime conf.Auth.ResetPasswordCodeLives. Because the token...
CVE-2026-3236
In affected versions of Octopus Server it was possible to create a new API key from an existing access token resulting in the new API key having a lifetime exceeding the original API key used to mint the access token...
PT-2018-15602 · Pulseaudio · Libpulse
Name of the Vulnerable Software and Affected Versions: libpulse-binding versions prior to 2.5.0 Description: The issue is related to a use-after-free problem with property list iteration due to a lack of a lifetime constraint tying the lifetime of a proplist::Iterator to the Proplist object for...